[Dnsmasq-discuss] Different behaviour with "interface=" on two almost identical systems
Chris Buechler
cbuechler at gmail.com
Fri Mar 29 20:45:20 UTC 2024
On Thu, Mar 28, 2024 at 11:40 AM Chris Green <cl at isbd.net> wrote:
>
> I did try stopping dnsmasq and then nothing was listening on port 53.
> However, just to prove it:-
> root@backup:~# ss -tulpn sport = 53
>
> Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
> udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=4))
> udp UNCONN 0 0 [::]:53 [::]:* users:(("dnsmasq",pid=1826,fd=6))
> tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=5))
> tcp LISTEN 0 32 [::]:53 [::]:* users:(("dnsmasq",pid=1826,fd=7))
>
That's the nature of how dnsmasq binds by default. You need two config
lines to actually bind only to localhost:

    listen-address=127.0.0.1
    bind-interfaces

The listen-address config will make it only reply to queries to localhost,
but doesn't prevent wildcard binding. bind-interfaces makes it bind
explicitly to the listen-address. See the bind-interfaces section of the
man page for details.
https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
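
Added example, not part of the original message and not dnsmasq project code: a small audit that checks a dnsmasq config for an explicit-bind option and flags wildcard sockets on port 53 in `ss -tulpn` output. The function names and the SS_BOUND / CONF_* samples are constructed for illustration; treating `bind-dynamic` as an explicit bind comes from the dnsmasq man page, not from this thread.

```python
import re

# Local addresses that ss prints for a wildcard (all-interfaces) socket.
WILDCARDS = {"0.0.0.0", "[::]", "*"}

# The ss output quoted in the thread, with the mail line-wrapping undone.
SS_DEFAULT = '''\
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=4))
udp UNCONN 0 0 [::]:53 [::]:* users:(("dnsmasq",pid=1826,fd=6))
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=5))
tcp LISTEN 0 32 [::]:53 [::]:* users:(("dnsmasq",pid=1826,fd=7))
'''
# Constructed sample: what a localhost-only bind would look like in ss.
SS_BOUND = '''\
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=4))
tcp LISTEN 0 32 127.0.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=1826,fd=5))
'''
# Constructed config samples: the weak setting beside the corrected one.
CONF_LISTEN_ONLY = "listen-address=127.0.0.1\n"
CONF_BOUND = "listen-address=127.0.0.1\nbind-interfaces\n"

def config_binds_explicitly(conf_text):
    """True if the config tells dnsmasq to bind per-address sockets."""
    opts = set()
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if line:
            opts.add(line.split("=", 1)[0].strip())
    # listen-address alone only filters replies; it does not change binding.
    return bool(opts & {"bind-interfaces", "bind-dynamic"})

def wildcard_listeners(ss_text, port=53):
    """Return (proto, local_addr, process) for wildcard sockets on port."""
    hits = []
    for line in ss_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("udp", "tcp"):
            continue                            # header or unrelated line
        addr, _, p = f[4].rpartition(":")       # handles "[::]:53" too
        if p == str(port) and addr in WILDCARDS:
            m = re.search(r'\(\("([^"]+)"', line)
            hits.append((f[0], addr, m.group(1) if m else "?"))
    return hits

if __name__ == "__main__":
    for name, conf, ss in (("listen-address only", CONF_LISTEN_ONLY, SS_DEFAULT),
                           ("with bind-interfaces", CONF_BOUND, SS_BOUND)):
        print(name, "| explicit bind:", config_binds_explicitly(conf),
              "| wildcard sockets:", wildcard_listeners(ss))
```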